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(54) System for configuring and remotely administering a 



-nputer ove 



• a network 



(57) A forms based browser interface system for 
configuring and administering a network server from a 
remote location. Using forms, such as hyper-text 
markup language forms, the system provides a graphi- 
cal user interface that allows a novice user, unaware of 
the platform, architecture or even operating system of 
the network server, to transact administrative tasks on 
the network server. An interfacing computer, at which 
the novice user performs administrative tasks upon the 
network server, is connected to the network server via 
network connections. The interfacing computer is 
equipped with a browser program that can display and 



interact with the forms created by the network server 
The forms allow the user to select among various ad- 
ministrative tasks to be performed on the server. The 
forms also allow the user to input parameters for admin- 
istration of the server such as new account names wher 
adding new accounts for the server. Once the form inpui 
is submitted over the network connections to the net- 
work server, scripts within the sen/er pass this informa- 
tion as parameters to appropriate software that com- 
plete the execution of the task and may signal 
user at the interfacing computer through messages 
the forms, success or failure thereof. 
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Description 

BACKGROUND OF THE INVENTION 



The present invention relates to the field of configuring and administering computer systems. More particularly, 
tine present invention relates to automating the configuring of computers and administering computers using a graphical 
user interface from a remote location. 

Description of Related Art 

Certain computer systems such as those running in the UNIX operating environment are sufficiently complex that 
they have traditionally required specially trained technicians to configure and administer them. 

Configuring and administering a UNIX computer systemi has always been a specialized job requiring the know- 
how of a trained technician with a thorough knowledge of UNIX. The level of training and know-how required to suc- 
cessfully perform these tasks increases when the UNIX machine is connected to a network, and lurther increases 
when the UNIX computer is to be used as a server providing access to data and code for other machines connected 

Further, in order to install and configure a UNIX-based computer, the computer must be connected to a monitor 
and an input device, usually a keyboard with which a UNIX trained technician must manually type commands. Thus, 
the operating system, system utilities and some software applications that run on the UNIX system cannot be mace 
available for use without the help of a UNIX trained technician working at the site of the server A UNIX computer with 
devices such as disk or tape drives requires, for instance, complicated configuration known as "mounting" such that 
the operating system and software can recognize and use the drives. Similarly, networking Interfaces such as. a TCP/ 
IP stacker packet drivers must be configured upon the installation of the operating system and/or the communications 
software that uses them such that File Transfer Protocol (FTP) or Telnet may operate correctly. When the UNIX com- 
puter also operates as a server, then the server software must be correctly installed and configured to run admiinistrative 
tasks such as file permissions and setting up user accounts. This has typically required a system adminisiraior with 
experience in such features as shell scripts and daemons (for file systems and E-mail). Even when administrative tasks 
are m.ade available to a system, administrator however, they must be performed using a terminal at the physical location 
of the server. 

Thus, there is need for a method and apparatus that circumvents (he need for trained technicians in order to 
configure and remotely administer computers such that persons not trained in the operating system or platform of the 
computer can perform these tasks graphically and remotely. 



SUMIVIARY 



The present invention is a method and system for automating the initial configuration of a computer system and 
providing for remote ongoing administration of the computer system, particularly when the system is UNIX-based net- 

The server is configured using information on a removable media such as a diskette for use over a network. The 
server then self configures "packages" containing administrative software and system utilities for the server, according 
to an order established by the sen/er file system. Once the configuration is complete, a user may thereafter administer 
the network sen/er from a remote location on an interfacing computer. Using forms, such as hyper-text markup language 
forms, the interfacing computer displays a graphical user interface, which is ideally a world-wide web browser, allowing 
a novice user, untrained and unaware of the platform, architecture or even operating system of the network server, to 
perform administrative tasks on the network server The interfacing computer is connected to the network server via 
network connections and is equipped with a browser program) that can display and interact with forms created by the 
network ser\/er These forms allow the user to select among various adm,inistrative tasks to be performed on the server 
Once a task is selected, such as when adding new accounts for access to the server additional forms allow the user 
to input information concerning the task such as an account name. Once the input entered in the forms is submitted 
over the network connections to the network server, scripts within the server pass this information to appropriate soft- 
ware that complete the execution of the task and may signal to the user at the interfacing computer through messages 
on the forms, success or failure thereof. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 is a diagram showing the main components of the interfacing system of the present invention. 

Figure 2 is a flowchart showing the steps involved in configuration of the server and its software. 

Figure 3 is a flowchart showing the steps in adnninistering the server fronn a remote location on an interfacing 

Figure 4 is a chart showing the directory tree structure of static package information. 
Figure 5 is a chart showing the directory tree structure of dynamic package information. 
Figure 6 is an illustration of various package registration files contained in the registry. 

Figure 7 is a screen capture of a sample graphical user interface administrative screen for network configuring 
according to the present invention 

Figure 8 is a screen capture of a sample graphical user interface administrative screen for adding users of the 
screen according to the present invention. 

DETAiLED DESCRIPTION OF THE INVENTION 

Figure 1 shows a system level diagram of the interfacing system. A UNIX-based computer requires specially 
trained and knowledgeable technicians such as System Administrators, to carry out such tasks as configuring devices 
and software of the computer Further, when the computer is used as a sen/er 10 for access over a network 30 via a 
network connection 130, the tasks of configuring the software of the server 10, according to the prior practice, require 

Assuming the base operating system of the sender 10 has been installed, a diskette 110 containing configuration 
data 120. particularly network configuration data, such as an Internet Protocol (IP) address, Domain Name Sen/er 
(DNS) information and/or packet drivers related to network connection 1 30 may be used for configuring the server 10 
to communicate with other computers, over the network 30. The "packages" (software) in the server will read and 
process the configuration data 1 20 from the diskette 1 30 and automatically configure the computer as, for example, a 
World-Wide Web (WWW) sen/er that uses Hyper Text Transport Protocol (HTTP), 

Thereafter, any user of remote interfacing computer 40, regardless of whal operating system the rem.ote interlacing 
computer 40 runs or what platform the remote interfacing computer 40 is based upon, will be able to pe.^formi the 
ongoing administration of the ser/er 10. The administration can be handled by a Graphical User Interface (GUI) 60 
such as forms accessed through WWW "browsers" such as Netscape Navigator™ (a product of Netscape Communi- 
cations Corp.). The soo/or 10 will be HTTP capable and translate commands or requests issued over the network 30 
by the remote interfacing computer 40 employing its GUI 60, When GUI 60 establishes a "link" (successful network 
connection) with server 10, the GUI 60 becomes a browser interface for sending commands and receiving information 
from the server 10. An operator can. by the use of a monitor 50 which displays the GUI 60 and a keyboard or input 
device 70, run administrative tasks by inputting Information through menus or simple selections on the GUI. The input 
from the GUI is "submitted" (transmitted) to the server which then translates the input into a form utilized by commands 
native to the server 10, "Scripts" (self-executing programs) on the server 10 invoke whatever commands -and packages 
are necessary to perform the task entered by the user and return success or error messages. 

For examipie, to add a new user account for access to the server 10, the GUI 60 may have an icon entitled "Add 
User Account," whereupon a simple click would bring up a dialog box asking, for instance, a user name and password. 
Figure 8 shows such an arrangement. Upon entering the user name and password, the server 10 would receive the 
information over the network connection 130 and pass it along as parameters to a series of UNIX or "C" commands 
and packages invoked through self-executing scripts. Upon successful completion of the shell scripts and commands 
necessary to create user directories, set the password, create login files, and any other tasks necessary to complete 
theaddingof a new user account, the sen/er 10 can send back to computer 40 a "User Added Successfully" designation, 
which then flashes on the monitor 50 or perhaps, through the use of audio interfaces, simulates speech that extols 
"User Added Successfully." This example is described in greater detail later with respect to Figure 8. In a similar 
manner, any and all type and number of administrative and/or UNIX tasks can be implemented using graphical menus 
and dialogs through the GUI 60 that are simple in that they require no knowledge of, nor use of the platform or operating 
system server 10 operates on. 

The GUI 60 can merely be a browser-capable page lhat allows the user lo graphically interact with the server 10. 
Serve? 10 must contain or generate the necessary forms such as HyperText fviarkup Language (HTIML) pages, which 
a browser such as Netscape Navigator™ (a product of Netscape Communications Corp.) can then access. Thus, by 
"linking" to the server 10, any remote interfacing computer 40 that has an HTML browser can display forms that provide 
administrative command level access to the sen/er 10, without any UNIX system resident in remote interfacing computer 
40, The only requirement is that the computer 40 be implemented with TCP/IP or other networking capability to access 
the server 10 through network 30. Implementing computers with sucn c:.Hpability is well known in the art and will not be 
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described in detail, . , 

Using a remole interfacing computer 40, the server 10 is allowed to be a "he-adless" server that is, a server without 
a terminal display or any physical input devices such as keyboards or mice, since it can be fully administered and 
reconfigured from a remote location. Though the embodiment discussed herein relates to the example of server 10 

s being a"uNlX rMd server, the method and system for ihe interfacing system of the present invention may be employed 
on any servers of any platform, such as a DOS (Disk Operating System) or Macintosh. 

Figure 2 shows a sim.plified flowchan, of the initial booting and configuration process. When, the power of server 
10 is turned on, an initialization script is run out of the directory /etc/rc2.d (210) where 7" designates the root directory 
of the server file system. The system is queried as to whether a floppy with configuration data is prcsei-it (220). If not. 

TO the system will boot as-is (230). If a configuration floppy is found, the script will copy the configuration information from 
the floppy and place it into the appropriate administrative "package" directories 1240) into files with an extension " cf". 
(For example, in the case of the Domain Name Sen/er package, SUNWdnsA, the configuration file would be /etc/opt/ 
SUNVvnak7/packages/SUNWdnsA/conf/dnS-cf. The entire file system is described in detail later.) 

After ail the data is read and copied from the diskette into each package's corresponding ",cf" file, the /etc/rc2.d 

IS or other script then invokes the configuration program of SUNWhostA which is a package that sets the name of the 
ser/cr and other critical information (250). Then, the script invokes the rest of the packages' configuration programs 
in a sequence determined by the leading digits of the registration file name resident in a registry for each package 
(260), Each step in the configuration sequence involves sequentially invoking each package's configuration program. 
Each package's configuration program then reads the package's ".cf" file containing configuration information read 

20 from the diskette. Thus, the package SUNWdnsA will have a program /etc/opt/SUNWnak/packages/SUNWdnSA./bin/ 
config perform.ing the configuration according to the corresponding ".cf" file. Critical packages, such as SUNWnetA. 
which configure the networking interface, should be first configured so that adm.inistrativa tasks may be performed 
over the network from a remote iocation. After the configuration of all packages is peilormed and the sen/er has booted 
(265), the system is considered fully configured (270) and users can connect the server using port BO (standard HTTP 

2S anonymous user port) over the network 30 to m.erely use the sen/er, or connect to port 81 (administrative port) to begin 
administration of the server. 

Figure 3 shows an overview of the steps involved in carrying out the remote administration of the server from the 
interfacing computer 

Starting with step 1000, it is assumed that the server, "xyz", has been previously configured via diskette (as shown 

30 in Figure 1 ) so it can at least be accessed from the network according to the steps described with respect to Figure 
2 In step 1000. the user launches a WWW browser on the remote interfacing computer and invokes "http://www.xyz. 
abc:8l " to access the HTML-based administrative user interface (at a m.ain screen or home page) to the server "xyz". 
The designation "www.xyz.abc" is the Uniform Resource Locator (URL) that any user with a WWW browser and nec- 
essary networking feed can connect with to get access to the sen/er In step 1100, the user enters an appropriate login 

X and password to access server xyz's HTML-based administrative forms and pages. Once in the top level form for 
system configuration and administration, according to step 1200, the user selects the administrative task that they 
prefer to pursue, such as FTP configuration or new user addition. According to the task selected, in step 1300. the 
user will be presented with one or more task relevant HTML forms that let the user spec ify configuration or administration 
information. According to step 1400, the user then fills in the required form and "submits" It to the server over the 

■io network by activating, for instance, a "submit" icon/button provided on the form. 

In accordance with step 1500, information submitted through those HTML forms is transmitted over the netwcrk 
to the server where scripts process the submitted information and either accept or reject it (step 1600). If information 
is rejected, error messages are displayed back to the user (step 1550), and the input, submit, and validation process 
repeats until the transaction can be completed. According to step 1700, once the script gets valid input data from the 

■*s user, the submitted data is passed on to the executables of the appropriate administrative package or UNI X commands 
corresponding to the task selected (step 1 800). According to step 1 900, upon completion of the task requested by the 
user a message indicating successful task completion is transmitted to the user on the interfacing computer (1950). 
Similarly, if any errors occurred during task execution, an error message is transmitted to the user and the user may 
restart or cancel the task (step 1970). Similarly, the steps mentioned above may be utilized for altering configuration 

so of the server by changing the ".cf" files using input submittal in forms. 

The process of form input, submittal, script processing, and program invocation can be repeated/moditied'for any 
number of tasks to accomplish ongoing configuration and administration of the UNIX system without the user having 
to type a single UNIX command or know anything about UNIX. Further, as is standard for HTML forms, the user will 
readily be able to escape back to any previous form or cancel the task entirely, if the user so chooses. 

■5S Several network "packages", such as FIR are provided by the sen/er 10 for usg in enabling and controlling client 

or user access. The present invention will be described as working with SOLARIS™ (a product of Sun Microsystems, 
inc.) as the underlying operating system, but one skilled in the art will appreciate that any operating system, properly 
outfitted, can underlie the network server and provide similar packages lor network/server administration. Though pre- 



4 




EP 0 803 808 A2 

installed with certain packages, the server 1 0 can be equipped to dynamically add new packages as they are requested 
by or required for clients and users. 

Among the basic services provided by the packages are Hyper Text Transfer Protocol (HTTP), Dynamic Host 
Configuration Protocol (DHCP), Internet Mail Protocol (1/vlAP) and Post Office Protocol (POP). Additionally, the server 
5 \0 will have a Domain Name Server (DNS) package providing name-server information such as the IP addresses of 
a cache server, a primary sen/er and a secondary server. A "sendmail" sen/ice is also provided to give Simple Mail 
Transport Protocol (StvlTP) functionality to the users of the server 10. In terms of administrative support, server 10 is 
configured to provide asynchronous Point-to-Point Protocol (PPP) setup. File Transfer Protocol (FTP) setup, added 
security (for granting super-user or ordinary user access to the sen/er over the network) and access to newsgroups or 
. :o Gopher information services, and the ability to add user accounts for mail and web access. In terms of configuration 
support the following functionality is exemplary: IP addressing, netmask, default route schennes. root passwords, dale, 
time and timezone setting. 

The server 10 has a daemon to produce HTIVIL documents that can be routed via HTTP so that the user may 
employ any HTfvlL browser they desire at the remote interfacing computer 40. .Thus, running under port 81 , rather than 

'S the standard HTTP access port 80, the daemon can prevent access from any hosts other than those in the local domain 
(designated by matching certain IP masks). The daemon also provides security such that users must authenticate 
themselves using a password to gain super-user or administrative type access to the server 10. HTlvlL forms provided 
for packages of the server are then used by authenticated users over port 81 to handle all the administrative upkeep 
of the sen/er 10. For example. Figure 7 is a screen capture of a Netscape Navigator™ displayed HTML form that sets 

20 Internet Protocol (iP) configuration for etherne! operation that is remotely administered according to the present inven- 

Figure 8, likewise, is a screen capture of a Netscape Navigator™ displayed HTML form that adds new user ac- 
counts. An atternative embodiment may provide a VT100 emulation or PC terminal program so that administrators can 
also enter commands and administer tfie server 10, if they so choose, using Telnet or direct modem dial-up. Thus, a 
25 TTY-based web client is necessary to translate enough HTfvlL tags to, at a minimum, display text and get input from 
forms in the case of only a cursor-addressable terminal. 

Further, the "remoteness" in terms of distance is not critical to the invention as the interfacing computer 40 may 
be in the same room as or provided along with server 10. 

30 A. Overall Framework of the Server 

A "framework" for the file system of the server is described in this section as it relates to package configuration 
and use. These "packages" are the primary software invoked to handle auto-configuration of the server 10 and, sub- 
sequently, are invoked during the remote administration of the sen/er 10 over network 30. Administrative packages 
35 can be configured through the HTTP interface quickly and easily, thereby eliminating the need to configure the package 
where the server 10 is physically located. The framework is referred to as "SUNWnak" (Network Appliance Kit) in 
Solaris™ (a Sun Microsystems operating system) terminology and has, in the files system area, static information as 



n Table 1 below. 


Table 1. 


Static Information residing at /opt 


SUNWnak/cgi-bin/ 


Contains HTfvlL forms work, such as main,.cgi 


SUNWnak/htmt/ 


Various HTML pages 


SUNWnakyicons/ 


Various xbm icons 


SUNWnak/images/ 


Various GIF/JPEG images 


SUNWnak/audio/ 


Package-related audio files 


SUNWnak/b in/audio 


Program to play audio files at a specified volume 


SUNWnak/bin/config 


Program to call configuration programs of other packages 


SUNWnak/bin/startup 


Run at boot-time to check configuration and update from disk if necessary 


vendor 


Symbolic link to vendor-specific "personality package" 


vendor-proto 


Prototype of a vendor package that ships with the computer 



Figure 4 shows the directory structure in which the static information specified in Table I for SUtMWnak resides. 
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Following down the tree in Figure 4, from a root directory 7" {300) to "opt" (305) and finally to "SUNWnak," a number 
of subdirectories reside. First, the "bin" subdirecton/ (312) contains the binary (executablej'files that are the base level 
commands of the framework such as the "config" program for calling coniiguraticn programs of the various packages. 
The "httpd" subdirectory (314) contains more advanced executables for maintenance and setup oi the server as a Web 
seroer. The "lib" subdirectory (315) contains libraries and utilities for running the various package configuration scripts. 
Finally the Netra'^" (a trademark of Sun Microsystems) subdirectory contains vendor-specific images and for.ms which 
can customize the administrative pages of the Vi/eb server. The "packages" subdirectory 320) contains a number of 
subdirectories, one for each package. 

For example. Figure 4 shows five such package subdirectories. The SUNWdnsA, SUNWftpa. SUNWhostA, SUN- 
WnetA and SUN WuserA packages each have directories, 322, 324. 326, 330 and 332,' respectively For an explanation 
describing what tasks each of these packages perform, see the discussion under Section B, entitled "Administrative 
Packages". 

Table II below shows that the SUNWnak framework also provides for dynamiic information in a separate file system 
area, namely 7elc/opt/sunwnak." Here, vendors and value-added resellers may add their own customized packages 
or passage add-ons according to their needs. 



Table II. 



Dynamic Information residing at etc/opt/SUNWnak 




Symbolic link to vendor-specific data area 




Prototype vendor data area 




Directory containing package registration information 


conf/ 


Configuration directory 


conf/SUNWnakcf 


Configuration file 




Various log-files 



Figure 5 shows the directory structure in which the dynamic information specified in Table il for SUNWnak resides. 
Following down the directory tree from 7etc" (400) to 7etc/opt" (405) and finally to 7etc/opt/SUNVVnak".(4lO), there 
are two subdirectories. The "packages" directory (420) has a subdirectory for each of the packages referred to in Figure 
4, (for an explanation of the tasks performed by these packages, refer to Section B, entitled "Administrative Packages".) 
The "SUNWdnsA" package directory is shown to have a "conf" subdirectory (470) which contains configuration file(s) 
such as "XX. cf" (415) where xx is an arbitrary designation and the empty files "reboot" (472) and "reboot now' (474). 
The "SUNWdnsA" package directory is also shown as having a "logs" subdirectory containing log files such as "dnsl. 
log" (462) which may have error messages during configuration on typescripts of sessions when the corresponding 
package, m this case SUNWdnsa, is run. Each of the other packages, SUNWftpa, SUNWhostA, SUNWnetA and SUN- 
WuserA have similar corresponding directories 422. 424, 426. 428 and 429, respectively and like SUNWdnsA, each 
of these directories also have "conf" subdirectories and "logs" subdirectories (not shown). 

By splitting the dynamic and static information into separate directories, back-up of /etc/opt/SUNWnak which con- 
tains all the data necessary for restoring/recovering the configuration, can be achieved more efficiently. The static data 
and executables can be recovered from original software packages rather than having to back-up the executables and 
static data along with the dynamic data. 

Using this framework, packages are also configured in the appropriate order and further, using the registry, HTML 
administrative forms are more easily organized according to registry entries. 

B. Administrative Packages 

As shown in Figures 4 and 5. each administrative package is installed into a subdirectory of /opt/SUNWnak/ 
packages (320) and /eto/opt/SUNWnak/packages (420). A particular package's files are Installed in two places: 1) 
under the/opt/SUNWnak/packages tree where the static data resides and 2) under /var/opt/SUNWnak/packages where 
ali the logs and configuration files reside. A particular feature of this invention is package registration, which will be 
daschbed in detail later The name of each package must be registered in a "registry" file under a registry directory as 
7var/opt/SUNWnak/registry/nnX.PKGname" (described later). - 

Every package must have two files. The first is bin/config (330), which is an executable program used for setting 
and testing configurations of the package, and the second is the HTML index or "home" page of the package. 

Among the five packages illustrated by their directories in Figures 3 and 4 are SUNWdnsA, SUNWftpA, SUN- 
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WhostA. SUNWnetA and SUNWuserA_ So as not !o obscure the focus of Ihe present invention, only a brief description 
of their function will be described- The SUNWdnsA package sets up the Domain Name Server information for the server 
1 0, with the I P addresses and masks specified by the user or automatically by the configuration diskette. The SUNWftpA 
package sets up the server tO as having FTP send and receive functionality The SUNWuserA package manipulates 
5 .user information such as passwords and login shells and its source code is detailed in Appendices A and B. The 
SUNWnetA configures the sen/er 10 for network interlace and capability. Figure 7 shows a typical administrative form 
which configures ethernet IP addresses. Thus, all of these packages when called through an HTML form at the remote 
computer provide complete administrative functionality with an ease-of-use provided by the graphical user interlace. 

'0 C. Package Registration 

All packages are registered with the framework through a registry The directory /etc/opt^SUNWnak/registry (430), 
shown in Figure S, contains registration information for all of the administrative packages. Within this directory are a 
number of registry files, one for each package. The file name looks like nnX.PKGname (440) where nn is a number 

IS between 00 and. 99 and merely determines the order of package auto-conforms using the boot-up process, X is a 
package type identification (e.g., "1" for network interface), and PKGname is the name of the package. Figure 6 shows 
registry files for each of the packages described earlier. Within each tile is a one-line text siring, for example, "DHCP 
- Dynamic Host Configuration Protocol." These package text strings are used as labels by the HTML link that invokes 
the package's administrative form. Each of these package registration files are used for sequencing the auto-configu- 

20 ration of the packages, shown in Figure 4. The packages are sequenced according to the alpha numeric sort order 
where nn=OQ is first and nn=01 is second, and nn=02 Is third and so on. Thus, in Figure 6 SUNWhost is configured 
first, then SUNWnet, etc. By using a directory command, such as "Is" in the registry directory the user can see what 
order the packages are configured in. 

Furthermore, when the leading digits of the registry files are extracted during generation of the HTML forms, these 

ss registry forms provide an efficient way of determining which menu items and forms occur/display in what order at GUI 60. 

D. Configuration 

Each administrative package may use configuration information, either from a sen/ice provider or as a result of 
30 the user filling out HTML forms. In order to simplify delivery backup and restoration of the packages' configuration, 
initial configuration information can be stored on diskette or other removable media. Referring to Figure 5, the config- 
uration files for the administrative packages reside in the directory /etc/opt/SUNWnak/packages/PKGname/conf (470) . 
Each configuration file will end with the suffix ".cf and have the form "xx.cf" (480). 

When saving configuration information, the framework copies the contents of the package's conf directory for 
3S example, "/etc/opt/SUNWnak/'packages/SuNwdnsA/conf (470) to a directory called "PKGname" on the diskette and 
overwrites configuration information already residing there. Each administrative package must have an executable file 
bin/config (345), as shown in Figure 4, for manipulating and processing its configuration information. The following 
program options are preferred; 

-10 - c configures the package according to the .cf files. 

t testing to insure that the semantics of the .cf files are acceptable without modifying any of the files. This option 
will return a status code. 

u "unconfigures" all changes it has done to the system, files, 
V returns the package's version information. 

The configuration program will return a status code indicating whether the action was successful or not. Further, this 
status code, between 0 and 255, with a 0 indicating an okay, and each of the numbers from 1 -255 indicating a specific 
error, such as when the config file is missing or corrupt or when a package is not installed properly provide feedback 
to the user on package configuration. Each of these options are provided to the user via configuration HTfvIL forms 

so similar to administrative HTML forms described earlier. Further, the status codes returned can be transmitted to the 
page accessed by the user to notify the user of the configuration status. 

if the action taken by the configuration program requires that the machine be rebooted before the new configuration 
occurs, the configuration program must write an empty file "reboot" (472) in its conf directory. The framework will 
recognize this file, continue with any other package configuration it needs to, remove the "reboot" (472) file, and then 

ss reboot the server 

If the configuration program requires that the server be rebooted immediately before any other package configu- 
ration commences, the config program must write an empty file "rebootnow" (474) in the corresponding package conf 
directory The framework will remove the file, remember what position it occupied in the configuration list, and reboot 
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server. When the machine reboots and the initialization program is run (rem /etc/rc2.d, i1 it sees a nriarker 
;ates it was in the middle of a configuration sequence, the script resumes configuration. Once the configuratic 
^ages is completed, ths server continues boot-up. 



E. Logs 



Each administrative package should be able to keep logs of any tasks performed, typescripts of sessions and also 
any error messages that are returned. Package-specific log files reside in the corresponding "logs" directory for that 
package as is illustrated by the SUNWdnsA exanr,pie in Figure 5, Each administrative package can have functionality 
to display its log file, such as dns2,log (462) for SUNWdnsA, using a menu item (icon) on one of the package's HTML 
forms and the file can then be displayed as a customized HTML form based on the text in the log file. For instance, 
referring to Figure 7, when the ethernet administration package encounters an error, a detailed error message may 
be stored in a log file for SUNWnetA, the package corresponding to ethernet set-up, for later viewing, 

F, HTIML 

Scripts, which are^ called by the user via the HTTP server in response to an HTML "submit" menu selection, will 
also translate the form input submitted to the server into appropriate values in the package's xx,cf configuration file 
and then invoke the package's configuration program passing along the input submitted by the user as parameters 
inside the xx,cf tile. In the FTP package using an HTfvlL form interfaces, the parameters input on the form are written 
to FTRcf and then the configuration program tor the FTP package (SUNWffpa) reads the ",cf" file to get the param.eters, 

HTML forms, such as the "Add User Account" form shown in Figure 3, allow a user at the remote interfacing 
computer to input information for adding a new account. Appendix A contains source code showing how this form 
may be generated. Referring to Figure 8, input windows, one for the account's login name, another for the account 
user's real name, another one for the password, and so on are illustrated. Once the information is input into the windows, 
selecting the mienu item "Add", as shown at the bottom of the screen, will "submit" the information over the netVv'ork 
130 and then the appropriate script(s) for that package on the server 10, in this case SUNWuserA, will run and the 
new user information will be passed as program parameters. The SUNWuserA scripts perform the necessary operations 
to get the new account ready, such as setting up directories for the new account, setting access permissions for the 
user of the new account, setting up a mail spooler or other related tasks. Appendix B contains source code showing 
how submitted information is processed and how UNIX operations necessary to add a new user account are performed, 

G, The Main Form 

The "main" form is the form referred to in step 1150 of Figure 3 as the "Administrative Tasks Home Page" that is 
displayed to the user immediately upon login or after visiting the welcome or home page of the server The main form 
is generated by an HTML command such as HREF="/SUNWnak/cgi-bin/main,cgi" which then generates an HTfvIL form 
with the following menu items: 

o Ivlanage Interfaces 

o Manage Sen/ices 

o Manage Users 

o Manage Hosts 

o . Advanced Management 

Selecting the "To Welcome" menu item takes the user back to the welcome or home page of the server. Each of the 
other five menu items will transfer the user to a different HTML page, v;hich corresponds to the "home page relevant 
to preferred task" as mentioned in Step 1300, Selecting the "Manage Users" page allows administrators to add and 
manipulate user accounts on the server, provide mail sen/ice, or create logins for placing web pages. In the case of 
user accounts, a user account administrative page is then displayed on the screen from which the option "Add User 
Account" inay be selected. Then, as shown in Figure 8, the new account information can be configured. The "Hosts" 
page lets administrators add, delete or modify host entries via he domain name server and dynamic host configuration 
protocol. Selecting the "Advanced Management" menu item provides users with functionality for modifying the server 
system itself. The "Advanced Management" page has menu items such as; 



o Manage system parameters 

o Adjust audio volume (including OFF) 
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o Install new software package 
o Save configuration 
o Restore configuration 
o Shutdown server 

Selecting the "Modify system parameters" menu item brings up an HTfvlL page with the following n 

o Set !P address, netmask. default route 
o Se! root password 
o Set date, time, and ti 



The first item "set IP address.,." may bring up a page similar to the one shown in Figure 7, The administrative pages 
described, and others simitar to them, are automatically generated by the packages and scripts, and can also be 
vendor-customized. The various administrative pages, whatever their appeararice, allow easy remote administration 
of the server 10 using a WWW browsor. 

Many alternate embodiments of the present invention are possible, depending upon the needs and requirements 
of the machine to be administered, and the embodiment described above is merely an embodiment to be used by 
computers operating on the Solaris'^" operating system which is a UNIX-based environment. 

While the present invention has been particularly described with reference to the various figures, it should be 
understood that the figures are for illustration only and should not be taken as limiting the scope of Ihe invention. Many 
changes and modifications m.ay be made to the invention, by one having ordinary skill in the art, without departing from 
the spirit and scope of the ir 
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6 (I )U30rl .cqi 



t Vaciables 
I 

PKG-suNWuserX 
♦ 

I Load the libraries 

! /opt/SUN-'inayt/lib/naK.globala 
, 5PKGRO0T/cgi-bin/ 



ndk_)itra head "Add User Account- 
cat << lEOF 

<FORH ACTION-"S(SUKCGI)S(PKGCGIi/useradd.cgi- KETHOD= " POST " > 

Ua^^'lxjain- <INPUt NAHE--U3er login' VALUX.-Sl" SIZE.-30"> 55 

U = er Na^-' <INPtJT NAME.'user_name- VftLUX."S2- SIZE-'30-> 

P«,<»word-' <INPUT HAKE- "user jpass l" VAL'JE--'$3- TY?E»"pa33vord" SI2E-V 

Reenter Paasvord: <INPUT NAME--u3er_pa33_2- VALirE--$4- TyPE»-pa2Sword- SIZE-" 

<BR><P>Loqin Shell: <SEL£CT NA^-" what_3heli " > 

<OPTION VALUE-" /bin/3h"> Bourne Shell 

<CPTION VALOS-' A>in/k3h'> Korn Shell 

<OPTION VALUE-" A>in/C3h"> C Shell 

</SELECT> 

■<:/PRE> 

5^ave the paasword fields blank only if the user doesn't -ant a password. 
Choose <STROSG>Add</STRONG> to add the user or choose <STOONG>Re s ec< /STP.ONO 
to reset all the fields. <BR> 

<P><IKPUT TYPE-'submit" VALUE- "Add" XINPUT TTPE-'reset" VALUE- " Be set " > 
</FORK> 

<P><HR> , 
<A ^KEF-"SPKGCGI/index.cgi">U3er AdrrjLnistration</A> I 
<A aREr-'SNAXCGI/3y3tem.cgi">Sy3te25 Admini3tration</A> I 
O, EREr-"SNAj;CGI/inain,cqi">Kain Admini3tration< /A> 

</BOor> 

</BTKL> 
lEOF 
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HroctSSe-S '^to V'on '-^-^ -ed bva "Ada, tUcr' ^-o r 

I ! /bin/ltah Ipraqrna idem "S ( I ) useradd . eg i 

1 VarUbles. APPt N^Ii I V 6 

PKG-SLTMWuserA 



I Load the libraries 

/opt /SUN''(-a>c./ 1 ib/na)c . g lobd Is 
. $pKGR00T/cgi-bin/u3ercoiiiBon.cgi 



exec SPXGROOT/egi- 



c SPKGROOT/cgi-bin/u; 



■.""W_user_pa3 5_2" "<-- Can't 
r_login" " $WWW_v 



•'_u s e r_pa 



c SPKGBC0T/cgi-bin/u3erl .cgi ' Swv.-w_us er_l ogin" " 

'SWn-W user cuii'! 1" 'SWWW n.<ipr m i n 5" • <: — Swwi 



S (checX_jM 
if (1 S7 ! 



'$Wn-w_u3er_pa3 3_l" 'SWrfW_uaer_pa 

<ocd "5vfr™ U3er_pa33_l 
0 ]] 



SHn'>J_u3er_loqin is invalid." 



user _j>a33_2' ) 



: $PXGR0OT/cgi-bin/u3erl . eg 
•S'nVW_u3er_pa33_l" 'i'>fWj 



:rjpas. 



uidlist-S (awk -F: '(print $3}' /etc/pasavd) 
.^0 nctfoiind-1 

while tl Snot found — 1 li- 
do 

uid-$uid+l 
not f ound-O 
45 for 1 in Suidlist 

do 

if (( 'Suid' =- Si 11 




not found- 1 



if II ! -t •$www_u3er_pa33_l" tt S { *'«>rrf_u3er_jja3 3_ll -It 6 1 ] 
then 

exec SPKGHOOT/cgi-bin/userl .cgi "$i>rww_u3er_login" "Skvw user_najne" \ 
-$WWH_u3erjja33_l° " Sww-H_u3er__pa3 3_2 " ""\ 
■< — At least six characters is reqpjired." 

fi 
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password=S(SNA,KPi<GS/SiJNWnalc/bin/gct.passwd " $'«>v_u3er j.d33_l " ) 

add oasswd entry " SV<'WW_u se r_lQqia" "Suit!' " ?Wrf-^_u3e ;_name " " 5''.-.^-vJ_vhat_3 he 1 i ' 
add_3hadow_entry "SV-»W_u,'3er_3-ogi'n" "Spaasword" 




A method for administering a network sen/er over networlt connections using an interfacing computer said 
comprising the steps of 

configuring tine networl< server for use over networl< connections: 

configuring soilware pact^ages on the networl< server for executing a set of administrative tasl^s on the 

selecting on a first set of graphical user interface forms displayed a preferred administrative task from said 
set of administrative tasks: 



inputting of information, by a user, relevant to said preferred administrative task on a second set of graphic, 
user interface forms at the remote location: 



submitting the user input over the network connections to the network server: and 

executing the preferred administrative task on the network server using the configured packages and com.- 
mands native to the network server in a manner specified by the user input, 

A method according to claim 1 wherein said step of configuring software packages is achieved in a predetermined 
sequential order. 

A method according to Claim 1 wherein the set of administrative tasks include reconfiguring the network server 

4. A method according to Claim 1 wherein the set of administrative tasks includes adding a new user account. 

5. A method according to Claim 1 further comprising the step of validating the submitted user input prior to executing 
the preferences administrative task. 

6. A method according to Claim 5 where the step of validating includes displaying success and error messages to 
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the user at the interfacing computer. 

7. A method according lo claim 1 wherein the network server runs in the UNIX operating er 

a. A method according to claim 1 wherein the step of configuring the network server for use c 
is achieved through a removable media provided to the server, said removable media conts 

9. In a computer system, an interface system for administering, from a remote location, a net'/, 
system comprising; 

a set of network connections; 

an interfacing computer at said remote location, said interfacing computer for transacting a plura/ity of admin- 
istrative tasks on said network server over said set of network connections- sasd interfacing computer platform 
independent of said network server; and 

a graphical user interface coupled to said interfacing computer that correlates said administralive tasks of the 
network server to a set of menu items provided on forms displayed by said graphical user interface, wherein 
user input submitted through said menu items is translated on the network server to complete transactions of 
said administrative tasks. 

10. The interface system of claim 9 wherein said netv/ork server is configured on the UNIX operating environment. 

11. The interface system of Claim 9 wherein said network sen/er self-configures software necessary for connecting 
to said interfacing computer over said set of network connections. 

12. The interface system of Claim 9 wherein said network seiver requires no display device. 

1 3. The interface system of Claim 9 wherein said graphicai user interface is a set of hyper-text markup language forms 
accessible through a world-wide web browser 

elude configuring the network server lo operate 

15. The interface system of claim 9 wherein said administrative tasks include adding new users and modilying user 
information for existing users of the network server' 



n 9'wherein said administrative tasks further include configuring the network s 
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FIG. 2A 



/Ietc/rc2.d program does this: 



FIG, 28 
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START ^ 

USER UUNCHES WEB-BROWSER AND 
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USER ENTERS LOGIN AND PASSWORD 
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SERVER 1 100 
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1200 
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I 1400 
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FIG, 4 
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FIG. 5 
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^ 53 Neiscope: Lance Ethernet Administration 
I File Edit View Go Bookmorks Options Directory Help 



Lonce Ethernet Administration 



Enter the configuration informotion for ttie 1st interfoce. When 
entering either the P address or the P octmask, type four 
decimal members separated by periods. Exomple: 123.112.123. 
To choose figure time this interfoce, clear the P address field. 

IP oddress: 1 129.1 46.342.289l 

IP Netmosk: [391253.253.0 | 

Choose Configure to store the ref connection entered. The 
mochine must be rebooted for those volues to toke effect. 
Choose Reset to reset the status on this form to their previous 
values. 

I Configure] [Reset [ 



Network Interfoce Administrotion I Mors Administrotion 




FIG. 7 
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' ^a Netscope: Add User Account 

I File Edit View Go Bookmprks Options Directory Help 



Add User Account 



User Login: 1 1 [ 

User Nome: |l | 

Possword: 1 1 [ 

counter possword: j I | 

logis shell: | Bourne Shell ^~^\ 



Leove the password fields blonk only if the user doesn't 
want 0 password. Choose Add to odd the user or choose 
Reset to reset oil the fields. 




User Administrotion | System Adnninistration I Moin Administration 




FIG. 8 
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